That is, in order to reject invalid parameters.
Resolves #402
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
}
}
-unsigned
+int
_gnutls_find_rsa_pss_salt_size(unsigned bits, const mac_entry_st *me,
unsigned salt_size)
{
- unsigned max_salt_size, digest_size;
+ unsigned digest_size;
+ int max_salt_size;
+ unsigned key_size;
digest_size = _gnutls_hash_get_algo_len(me);
- max_salt_size = (bits + 7) / 8 - digest_size - 2;
+ key_size = (bits + 7) / 8;
+
+ if (key_size == 0) {
+ return gnutls_assert_val(GNUTLS_E_PK_INVALID_PUBKEY);
+ } else {
+ max_salt_size = key_size - digest_size - 2;
+ if (max_salt_size < 0)
+ return gnutls_assert_val(GNUTLS_E_CONSTRAINT_ERROR);
+ }
if (salt_size < digest_size)
salt_size = digest_size;
- if (salt_size > max_salt_size)
+ if (salt_size > (unsigned)max_salt_size)
salt_size = max_salt_size;
return salt_size;
gnutls_pk_params_st * params, const gnutls_datum_t * data,
gnutls_datum_t * digest);
-unsigned _gnutls_find_rsa_pss_salt_size(unsigned bits, const mac_entry_st *me,
- unsigned salt_size);
+int _gnutls_find_rsa_pss_salt_size(unsigned bits, const mac_entry_st *me,
+ unsigned salt_size);
#endif /* GNUTLS_PK_H */
if (pk == GNUTLS_PK_RSA_PSS) {
const mac_entry_st *me;
+ int ret;
me = hash_to_entry(dig);
if (unlikely(me == NULL))
if (flags & GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE)
params->salt_size = 0;
- else
- params->salt_size = _gnutls_find_rsa_pss_salt_size(bits, me, salt_size);
+ else {
+ ret = _gnutls_find_rsa_pss_salt_size(bits, me, salt_size);
+ if (ret < 0)
+ return gnutls_assert_val(ret);
+ params->salt_size = ret;
+ }
params->rsa_pss_dig = dig;
}
}
if (params->pk == GNUTLS_PK_RSA_PSS) {
-
+ int ret;
if (!GNUTLS_PK_IS_RSA(key_params->algo))
return gnutls_assert_val(GNUTLS_E_CONSTRAINT_ERROR);
if (key_params->algo == GNUTLS_PK_RSA || params->rsa_pss_dig == 0) {
bits = pubkey_to_bits(key_params);
params->rsa_pss_dig = se->hash;
- params->salt_size = _gnutls_find_rsa_pss_salt_size(bits, me, 0);
+ ret = _gnutls_find_rsa_pss_salt_size(bits, me, 0);
+ if (ret < 0)
+ return gnutls_assert_val(ret);
+
+ params->salt_size = ret;
}
if (params->rsa_pss_dig != se->hash)
/* If salt size is zero, find the optimal salt size. */
if (spki->salt_size == 0) {
- tpki.salt_size =
+ ret =
_gnutls_find_rsa_pss_salt_size(bits, me,
spki->salt_size);
+ if (ret < 0) {
+ gnutls_assert();
+ goto cleanup;
+ }
+ tpki.salt_size = ret;
} else
tpki.salt_size = spki->salt_size;
} else if (crq_pk == GNUTLS_PK_RSA_PSS) {
goto cleanup;
}
- key->params.spki.salt_size =
- _gnutls_find_rsa_pss_salt_size(bits, me, 0);
+ ret = _gnutls_find_rsa_pss_salt_size(bits, me, 0);
+ if (ret < 0) {
+ gnutls_assert();
+ goto cleanup;
+ }
+
+ key->params.spki.salt_size = ret;
}
ret = _gnutls_pk_generate_keys(algo, bits, &key->params, 0);
/* If salt size is zero, find the optimal salt size. */
if (spki->salt_size == 0) {
- tpki.salt_size =
- _gnutls_find_rsa_pss_salt_size(bits, me,
+ ret = _gnutls_find_rsa_pss_salt_size(bits, me,
spki->salt_size);
+ if (ret < 0) {
+ gnutls_assert();
+ goto cleanup;
+ }
+ tpki.salt_size = ret;
} else
tpki.salt_size = spki->salt_size;
} else if (crt_pk == GNUTLS_PK_RSA_PSS) {
projects / thirdparty / gnutls.git / commitdiff
